Proxy Social Networks

marceloeng · April 30, 2015, 4:03am

Hi,

I cannot block social networks using Authenticated proxy. Maybe has a https issue, because others sites category (ex: porn) works fine.

I have using the “Université Toulouse” blacklist.

Other question is: When in clients not authenticated in domain (PDC), the browser (Chrome, Firefox, etc.) show me a login display, but the user and password doesn’t work.

Regards,
Marcelo

m_farlotta · April 30, 2015, 5:18pm

he marcelo for blocking facebook and other site use proxy in trasparent mode and select category for blocking your sistes

oki.

marceloeng · May 8, 2015, 1:26am

Hi,

I want block with authentication, because I need a user reports.

Also I want block for hour and different user groups.

Regards,
Marcelo

marceloeng · May 12, 2015, 8:58pm

Hi,

The proxy authenticated works in authenticated clients (PDC), but in clients not authenticated in domain (PDC), the browser (Chrome, Firefox, etc.) show me a login display, and the user and password doesn’t work.

Can someone help-me?

Regards,
Marcelo

alefattorini · May 15, 2015, 2:30pm

We found some problems about it, can you better explain your configuration?

Windows Client Version
Windows server version Doeas
Join to AD by NethServer work correctly? check with “wbinfo -u”

marceloeng · May 15, 2015, 7:14pm

Hi Alessio,

I not using Windows Server. My only server is the NethServer as PDC, Proxy, etc.

Windows Client Version: Windows 7

Regards,
Marcelo

marceloeng · May 20, 2015, 5:03am

No solution yet?

davidep · May 23, 2015, 4:57pm

Hi @marceloeng,

So it seems like proxy has auth issues both in AD and PDC mode.

It’s hard to find a working config for any client… @nrauso @alefattorini we must dig again into this

filippo_carletti · May 23, 2015, 6:06pm

Could this be relevant?
http://dev.nethserver.org/projects/nethserver/repository/nethserver-squid/revisions/77d2287d6a3bdae4743350d1dade7f15c29b3f13/diff/root/etc/e-smith/templates/etc/squid/squid.conf/20acl_10_auth

marceloeng · May 25, 2015, 3:10pm

Hi,
I can connect now. I configured the proxy in browser.

User: DOMAIN\username
Password: userpassword

marceloeng · August 31, 2015, 12:31am

Hello,

I thought that had found the solution for the authenticated proxy without PDC, but this solution don’t work in Windows (tested on 7,8 and 10) . Only work in Firefox on Linux (tested on Fedora).

If the computer has joined in domain, then works.

Can someone help me?

Thanks,
Marcelo Costa

m_farlotta · July 25, 2016, 7:05pm

we solved this problem adding rules in the firewall

follow this steps :

1: get the code ASN of facebook (www.ultratools.com/whois) the result is:AS32934
2: in a linux terminal run the command /usr/bin/whois -h whois.radb.net '!gAS32934’
3: copy all ip networks
4: in the “firewall groups” create a networks for each network ip, for example
name : facebook 001
network address : 129.134.0.0
netmask: 255.255.0.0

name : facebook 002
network address : 157.240.0.0
netmask: 255.255.0.0

5: in the "firewall groups " create a “network/host group” and add each network created before.

6: in the “firewall rules” create a new rule
source > standard networks : green
destination > network/host groups : facebook
reject

7: if need permit access to some users, create a new rule and add the ip and permit all trafic

alefattorini · July 26, 2016, 10:04am

@marceloeng could you test it? Looks interesting, thanks for sharing! @m_farlotta

alefattorini · August 26, 2016, 8:12am

Would you mind to create a new howto/tipandtricks ? It might be useful to highlight it.